{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2026-30345", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2026-04-29T14:33:47.686Z", "dateReserved": "2026-03-04T00:00:00.000Z", "datePublished": "2026-03-18T00:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-04-28T14:56:12.591Z"}, "descriptions": [{"lang": "en", "value": "A zip slip vulnerability in the Admin import functionality of CTFd v3.8.1-18-gdb5a18c4 allows attackers to write arbitrary files outside the intended directories via supplying a crafted import."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://github.com/CTFd/CTFd"}, {"url": "https://github.com/CTFd/CTFd/security/policy"}, {"url": "https://blog.ctfd.io/ctfd-3-8-2/"}, {"url": "https://github.com/syphonetic/CVE-2026-30345"}, {"url": "https://gist.github.com/syphonetic/2e16a6d1a44e7970c849a17efd0a2270"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-23", "lang": "en", "description": "CWE-23 Relative Path Traversal"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-03-19T14:06:14.969915Z", "id": "CVE-2026-30345", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-29T14:33:47.686Z"}}]}, "dataVersion": "5.2"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2026-30345", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-19T14:06:14.969915Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-23", "description": "CWE-23 Relative Path Traversal"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-19T14:07:13.764Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "references": [{"url": "https://github.com/CTFd/CTFd"}, {"url": "https://github.com/CTFd/CTFd/security/policy"}, {"url": "https://blog.ctfd.io/ctfd-3-8-2/"}, {"url": "https://github.com/syphonetic/CVE-2026-30345"}, {"url": "https://gist.github.com/syphonetic/2e16a6d1a44e7970c849a17efd0a2270"}], "descriptions": [{"lang": "en", "value": "A zip slip vulnerability in the Admin import functionality of CTFd v3.8.1-18-gdb5a18c4 allows attackers to write arbitrary files outside the intended directories via supplying a crafted import."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-04-28T14:56:12.591Z"}}}, "cveMetadata": {"cveId": "CVE-2026-30345", "state": "PUBLISHED", "dateUpdated": "2026-04-29T14:33:47.686Z", "dateReserved": "2026-03-04T00:00:00.000Z", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2026-03-18T00:00:00.000Z", "assignerShortName": "mitre"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A zip slip vulnerability in the Admin import functionality of CTFd v3.8.1-18-gdb5a18c4 allows attackers to write arbitrary files outside the intended directories via supplying a crafted import."}, {"lang": "es", "value": "Una vulnerabilidad de zip slip en la funcionalidad de importaci\u00f3n del Administrador de CTFd v3.8.1-18-gdb5a18c4 permite a los atacantes escribir archivos arbitrarios fuera de los directorios previstos mediante el suministro de una importaci\u00f3n manipulada."}], "id": "CVE-2026-30345", "lastModified": "2026-04-28T15:16:28.177", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-03-18T17:16:06.703", "references": [{"source": "cve@mitre.org", "url": "https://blog.ctfd.io/ctfd-3-8-2/"}, {"source": "cve@mitre.org", "url": "https://gist.github.com/syphonetic/2e16a6d1a44e7970c849a17efd0a2270"}, {"source": "cve@mitre.org", "url": "https://github.com/CTFd/CTFd"}, {"source": "cve@mitre.org", "url": "https://github.com/CTFd/CTFd/security/policy"}, {"source": "cve@mitre.org", "url": "https://github.com/syphonetic/CVE-2026-30345"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-23"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "3.8.1-18-gdb5a18c4"}}], "enrichment": {"confidence": 85.0, "confidence_source": "inferred", "scores": [{"score": 85.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "n/a", "source": "cna", "vendor": "n/a"}, "product": "ctfd", "vendor": "ctfd"}], "analysis": {"en": {"generated_at": "2026-03-19T16:15:13.568810+00:00", "value": {"mitigation_remediation": ["Upgrade CTFd to version 3.8.2 or later (see https://blog.ctfd.io/ctfd-3-8-2/)", "If upgrade is not immediately possible, disable the Admin import functionality or restrict it to trusted administrators only", "Ensure that the import endpoint performs strict validation of file paths to prevent path traversal"], "summary": {"action": "Patch Upgrade", "impact": "Arbitrary File Write"}, "threat_synthesis": {"affected_systems": "The affected product is the open\u2011source CTFd platform. Versions v3.8.1-18-gdb5a18c4 and all releases before the patch issued in CTFd v3.8.2 are vulnerable. No specific vendor is listed, but the platform is maintained by the CTFd community and its code is available on GitHub.", "description_and_impact": "A zip slip vulnerability in the Admin import functionality of CTFd v3.8.1-18-gdb5a18c4 allows attackers to write arbitrary files outside the intended directories by supplying a crafted import. Key detail from vendor description: \"A zip slip vulnerability in the Admin import functionality of CTFd v3.8.1-18-gdb5a18c4 allows attackers to write arbitrary files outside the intended directories via supplying a crafted import.\" This flaw permits an attacker to place potentially malicious files in sensitive locations on the host system, which could be used in a broader attack chain. The primary impact is the capability to write arbitrary files; it does not itself grant immediate code execution, but it enables further exploitation steps if the placed files are executed by an application with higher privileges.", "risk_and_exploitability": "The CVSS score of 7.5 indicates a high severity. The EPSS score of less than 1% suggests a low probability of exploitation in the wild at the time of disclosure. The vulnerability is not listed in the CISA KEV catalog. The likely attack vector is through the web interface\u2019s Admin import feature, which requires legitimate administrative access. Based on the description, it is inferred that an attacker would need to compromise an administrator's credentials or otherwise gain access to the import endpoint to exploit the flaw. If such access is obtained, the ability to write arbitrary files could be leveraged for additional attacks such as privilege escalation or remote code execution when the files are later executed in a trusted context."}}}}, "created": "2026-03-19T08:56:58.720599+00:00", "title": "CTFd Zip Slip Vulnerability in Admin Import Enables Arbitrary File Write", "updated": "2026-03-24T10:54:03.601654+00:00", "vendors": ["ctfd", "ctfd$PRODUCT$ctfd"]}